History

Vadym Samoilenko 3e1865edbd Apply Jintech security audit remediation (sprint 3) — 87/92 findings fixed - Fix missing await on FocusGroup.get_messages() (N-L1) - Replace time.sleep with asyncio.sleep in key_theme_service and focus_group_service (N-P10) - Replace flask import with quart in focus_groups.py (N-S3) - Add logger.error before all 500 returns in focus_groups.py (N-P6) - Add logging to silent except blocks across routes (N-M10, N-M11) - Add @rate_limit to 6 remaining AI endpoints (N-H4) - Add --confirm flag to populate scripts before delete_many (S-H2) - Remove hardcoded Azure ID fallbacks from msal_service.py and msalConfig.ts (A-M2, F-H4) - Centralize make_serializable() in utils.py, remove duplicates from 3 route files (N-P7) - Replace all datetime.utcnow() with datetime.now(timezone.utc) across entire backend (M-L2) - AuthContext.tsx: only mark token validated on 200 success, not on non-401 errors (F-H2) - Rename authType → auth_type in auth.py (N-S4) - Add security_report.md and security_report.pdf with full 92-finding status Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>		2026-03-20 12:51:18 +00:00
..
app	Apply Jintech security audit remediation (sprint 3) — 87/92 findings fixed	2026-03-20 12:51:18 +00:00
prompts	changed permissions	2025-12-19 19:26:16 +00:00
scripts	Apply Jintech security audit remediation (sprint 3) — 87/92 findings fixed	2026-03-20 12:51:18 +00:00
tests	Remove __pycache__ files from git tracking	2025-12-19 13:28:19 -06:00
uploads/focus-group-68af42ff19ed40daa02b0392	changed permissions	2025-12-19 19:26:16 +00:00
.DS_Store	changed permissions	2025-12-19 19:26:16 +00:00
.env.example	Apply Jintech security audit remediation (sprint 3) — 87/92 findings fixed	2026-03-20 12:51:18 +00:00
hypercorn_config.py	changed permissions	2025-12-19 19:26:16 +00:00
logging_config.py	changed permissions	2025-12-19 19:26:16 +00:00
migrate_legacy_folders.py	truncated long folder names so the buttons are still visible, migrated legacy folders to new format	2025-09-11 10:40:01 -05:00
MIGRATION_README.md	changed permissions	2025-12-19 19:26:16 +00:00
README.md	changed permissions	2025-12-19 19:26:16 +00:00
requirements.txt	Bump google-genai to >=1.56.0 to fix aiohttp AssertionError	2026-01-07 14:07:38 -06:00
run.py	changed permissions	2025-12-19 19:26:16 +00:00
test_asset.txt	changed permissions	2025-12-19 19:26:16 +00:00
test_image.png	changed permissions	2025-12-19 19:26:16 +00:00
test_websocket_cross_process.py	changed permissions	2025-12-19 19:26:16 +00:00

README.md

Semblance Synthetic Society Backend

This is the Python backend for the Semblance Synthetic Society project. It provides API endpoints for authentication, personas, and focus groups.

Setup

Make sure you have Python 3.8+ installed
Create a virtual environment:
```
cd backend
python -m venv venv
```
Activate the virtual environment:
- On macOS/Linux:
```
source venv/bin/activate
```
- On Windows:
```
venv\Scripts\activate
```
Install dependencies:
```
pip install -r requirements.txt
```

Running the Backend

python run.py

The server will start on http://localhost:5000

API Endpoints

Authentication

POST /api/auth/login - Login with username and password
POST /api/auth/register - Register a new user
GET /api/auth/me - Get current user profile

Personas

GET /api/personas - Get personas for current user
GET /api/personas/all - Get all personas
GET /api/personas/:id - Get persona by ID
POST /api/personas - Create a new persona
PUT /api/personas/:id - Update a persona
DELETE /api/personas/:id - Delete a persona
POST /api/personas/batch - Create multiple personas

Focus Groups

GET /api/focus-groups - Get focus groups for current user
GET /api/focus-groups/all - Get all focus groups
GET /api/focus-groups/:id - Get focus group by ID
POST /api/focus-groups - Create a new focus group
PUT /api/focus-groups/:id - Update a focus group
DELETE /api/focus-groups/:id - Delete a focus group
POST /api/focus-groups/:id/participants - Add participant to focus group
DELETE /api/focus-groups/:id/participants/:personaId - Remove participant from focus group
GET /api/focus-groups/:id/messages - Get messages for a focus group
POST /api/focus-groups/:id/messages - Add a message to a focus group

AI Personas

POST /api/ai-personas/generate - Generate a synthetic persona using AI
POST /api/ai-personas/generate-and-save - Generate and save a synthetic persona
POST /api/ai-personas/batch-generate - Generate multiple synthetic personas
POST /api/ai-personas/batch-generate-and-save - Generate and save multiple synthetic personas

Focus Group AI

POST /api/focus-group-ai/generate-response - Generate an AI response from a persona in a focus group discussion

AI Response Generation Example

Request Body:

{
  "focus_group_id": "focus_group_id",
  "persona_id": "persona_id",
  "current_topic": "What do you think about this product?",
  "temperature": 0.7  // Optional, controls randomness (0.0 to 1.0)
}

Response:

{
  "message": "Response generated successfully",
  "response": "I find the product quite interesting. As someone who values efficiency, I appreciate the intuitive interface and how it streamlines my workflow. However, I'm concerned about the price point, which seems high compared to similar options on the market.",
  "message_id": "message_id"
}

How AI Response Generation Works

The system generates realistic persona responses by:

Using the persona's demographic details, personality traits, goals, and frustrations
Including the full discussion guide text
Taking up to 50 most recent conversation messages for context
Processing the current topic/question
Generating a response in the persona's authentic voice

The current_topic parameter can be any text: a moderator question, a specific prompt, or a summary of discussion points. The AI will respond as if the persona is directly addressing this topic.

Default User

A default user with the following credentials is automatically created:

Username: user
Password: pass
Role: admin